You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@archiva.apache.org by Deng Ching <oc...@apache.org> on 2011/03/17 10:20:54 UTC

[CANCELLED] [VOTE] Release Archiva 1.3.5

I'm cancelling this vote now since there were still some issues found
with the security vulnerabilities.

-Deng

On Mon, Mar 14, 2011 at 5:06 PM, Deng Ching <oc...@apache.org> wrote:
> Hi All,
>
> The Archiva 1.3.5 release candidate has been staged. This release
> contains the fixes for the CSRF (CVE-2011-1026) and XSS
> (CVE-2011-1077) security vulnerability issues reported.
>
> You can take a look at the release notes here:
>
> http://archiva.apache.org/docs/1.3.5/release-notes.html or
> http://jira.codehaus.org/secure/ReleaseNote.jspa?atl_token=TV1WooJHia&version=17232&styleName=Text&projectId=10980&Create=Create
>
> The staging repository where the binaries, including the sources,
> signatures and checksums, is here:
>
> http://people.apache.org/builds/archiva/1.3.5/
>
> While the site has been staged at:
>
> http://archiva.apache.org/docs/1.3.5
>
> Everyone is encouraged to vote and give their feedback :)
>
> [ ] +1 Release it!
> [ ] 0
> [ ] -1 Don't release it, because...
>
> The vote will be open for 72 hours.
>
>
> Thanks,
> Deng
>